Director of Compliance

About The Position

Requirements

• Bachelor’s degree required (Business, Healthcare Administration, Public Health, Nursing, Legal/Compliance, or related field).
• 5+ years of progressive experience in healthcare/HCBS compliance, including investigation oversight and policy management.
• Strong knowledge of HIPAA/HITECH, federal/state healthcare and HCBS regulations, FWA standards, exclusion screening, conflicts governance, and privacy incident management.
• Demonstrated ability to manage hotlines, conduct/oversee investigations, and produce clear, objective reports.
• Proficiency with compliance case-management and analytics/reporting tools; advanced writing, facilitation, and stakeholder-influence skills.

Nice To Haves

• Multi-state IDD/behavioral health or long-term services and supports experience; payer/Medicaid waiver familiarity preferred
• Experience presenting to executive/Board audiences and working within a three-lines-of-defense or ERM structure preferred.
• Periodic travel to sites and state program offices as needed.

Responsibilities

• Program Leadership & Governance
• Operationalize and continuously improve an enterprise Compliance Program aligned to OIG’s seven elements (standards, oversight, education, communication, auditing/monitoring, enforcement/discipline, response/prevention).
• Maintain the Compliance Charter, annual work plan, and a written standards/code of conduct; ensure consistent deployment across all states and service lines.
• Coordinate the enterprise compliance risk assessment and translate results into prioritized mitigation plans and monitoring.
• Policies, Education, and Communications
• Own the lifecycle (draft/review/approve/archive) of Compliance and Privacy policies, SOPs, and document-retention standards; ensure alignment to federal/state HCBS waiver, Medicaid/Medicare, and commercial payer requirements.
• Define the annual training strategy and calendar; develop role-based education (general compliance, HIPAA privacy/security basics, fraud/waste/abuse, conflicts, documentation standards).
• Maintain accessible FAQs, toolkits, and targeted communications to reinforce standards and lessons learned.
• Hotline and Compliance Investigations Support
• Support confidential reporting channels (hotline, web, internal reports) by ensuring proper intake, triage, and documentation in alignment with established protocols.
• Assist in compliance investigation processes by coordinating case information, maintaining records, and ensuring timely escalation of matters as needed.
• Monitor case progress for adherence to protocols such as retaliation-prevention, documentation standards, and closure requirements.
• Manage compliance platforms (e.g., Resolver, Diligent, or other designated systems), ensuring data integrity, reporting accuracy, and user access controls.
• Track and summarize trends, case metrics, and system usage to support compliance oversight and reporting needs.
• Sanction/Exclusion Screening & Conflicts of Interest
• Oversee OIG/GSA/state Medicaid exclusion screening for employees, contractors, and vendors; ensure timely remediation of matches and documentation.
• Administer the annual Conflict-of-Interest disclosure process and manage follow-ups, mitigation, and Board/leadership reporting.
• Privacy & Security Collaboration
• Lead the operational Privacy Program (in partnership with Security/IT): incident intake, assessment, breach determination/notifications, mitigation, and prevention education.
• Ensure Business Associate Agreement governance, minimum necessary standards, and PHI safeguarding practices; coordinate with InfoSec on incidents that intersect privacy/security.
• Auditing, Monitoring, and Analytics
• Build an annual audit/monitoring plan (documentation standards, billing/claims risk areas, exclusion screening, training completion, policy adherence).
• Deploy dashboards and KPIs for leadership and oversight committees (e.g., hotline volumes, time-to-first-action, time-to-closure, trends by region, training completion, policy exceptions).
• Validate corrective action effectiveness and sustainment; escalate unresolved risks.
• Regulatory & Payer Interface
• Coordinate responses to government inquiries, surveys, and audits; manage timely external notifications when required by law/regulation or payer contract.
• Maintain a regulatory calendar (reportable events, timelines, renewal/attestation dates) and ensure state-specific requirements are met for IDD/behavioral health, HCBS, residential/day programs, and healthcare facilities.
• Committees, Reporting, and Culture
• Prepare materials and present to the Management Compliance Committee and Compliance Steering Committee; support Board-level reporting through the CCO.
• Promote a just-culture approach, psychological safety, and non-retaliation; partner with Operations and Quality/Risk to share “lessons learned.”
• Third-Party & Acquisition Support
• Oversee compliance due diligence and onboarding for acquisitions/affiliations; align policies, training, and exclusion screening pre- and post-close.
• Support vendor compliance (contract language, BAAs where applicable, right-to-audit, performance and sanction checks).
• Other
• Perform other duties as assigned.

Benefits

• Payactiv: early access to the money you’ve earned from hours you’ve already worked, before payday!
• Employee perks and discount program : to help you save money!
• Paid Time Off (full-time employees only)
• Health/Insurance (full-time employees only)
• 401(k) retirement savings program
• Wellbeing Programs: Physical, Emotional and Financial
• Chronic Disease management programs for hypertension and diabetes (for qualifying employees)
• Training: Free CPR, first aid, and job-specific training opportunities